Providing Dynamic Control to Passive Network Security Monitoring
RAID, pp. 133-152, 2015.
Passive network intrusion detection systems detect a wide range of attacks, yet by themselves lack the capability to actively respond to what they find. Some sites thus provide their IDS with a separate control channel back to the network, typically by enabling it to dynamically insert ACLs into a gateway router for blocking IP addresses....More
Full Text (Upload PDF)
PPT (Upload PPT)